Intrusion detection systems (IDS) are some of the new kids on the secured-computing block. While these network-based systems are on the rise, they are still misunderstood and not used nearly enough. Certain types of businesses might require an IDS since the data they house is personal, proprietary and confidential.

The casino and hospitality industries are good examples of where IDS might be necessary. Not only would a casino not want a hacker to access private information, the consequences of such an attack might have other ramifications. If a hacker tapped into a casino database, he would be privy to information, such as credit card accounts, personal information and more. Casinos pride themselves on doing their homework in relation to their guests and players. Because of this, they host some pretty critical information. It could be detrimental to everyone involved if that information fell into the wrong hands.

What is IDS?

Intrusion-detection systems are designed to alert of network attacks from both external (hackers) and internal (employee misuse). An IDS is something that acts as back-end support to a firewall. Firewalls are meant to prevent such attacks in the first place, but they are not perfect. Because hackers have become increasingly malicious and proficient at getting through firewalls, the importance of using an IDS has been becoming more popular in settings with large amounts of crucial information.

There are basically two types of intrusion-detection systems: host-based IDS (HIDS) and network-based IDS (NIDS). Host-based systems are operated from the host, generally a Web server. HIDS are adept at observing inside activity that is potentially unauthorized.

The network-based systems are more common in large-scale operations, such as hotels and casinos. NIDS monitor all data flow over a network, allowing for continual analysis and monitoring of all traffic, a key element in network security.

What happens in an attack?

If an attack occurs, it is the function of the IDS to respond accordingly. Since the IDS constantly monitors traffic over the network, it should have been aware that a problem was brewing. When such an incidence occurs, the IDS can do a few things that would aid in stopping the attack or at the least helping to minimize damage. An IDS would have the ability to log users off the system, close down a user’s account and launch scripts. These are the things that would essentially boot that attacker back out of the network, thus allowing the system administrator the opportunity to go in and make fixes.

Even though all of this protection sounds appealing, an IDS truly shines after a hacker attacks. An IDS is an exceptional tool that helps provide an accurate “after-the-fact” analysis, perhaps one of the best weapons around to prevent future intrusions.

Do you really need one?

Probably yes. While many feel that firewalls are enough protection for the average network, there are too many cases of hackers or disgruntled employees gaining access to information that just is not meant for the general public.

One of the biggest arguments against intrusion-detection systems is not actually related to the application itself; it is more of a management/implementation issue. As with most products rooted in newer technology, there is a lag time between product installation and routine usage. If you buy an IDS, start using it as soon as possible. If it just lies dormant, it won’t be able to protect you.

The hospitality and casino industries enjoy their livelihood based on customer retention and reputation. Because of this, the industries need to take every step to protect their customers. Would you want a malicious hacker to have your high-rollers’ banking information? Would you want a recently fired employee, who is going to work at the competition, compiling lists of loyal players that took you years to obtain? If your answer is a resounding no, then you may want to look into having an IDS installed.

STONG-MICHAS, a freelance writer, lives in central Pennsylvania. She can be reached at JenLeahS@msn.com.